OBJ first-order functional language based on equational logic parameterized programming supports declarative style that facilitates verification and allows OBJ to be used as a theorem-prover can include LISP code provides flexible environment – convenient for specification and rapid prototyping

Equational Calculus calculus of replacing terms by equal terms. Equational calculus derives (proves) a term equation from a conditional-equational axiom set.

Equational Calculus The deduction rules in this calculus are: Reflexivity: Any term is provably equal to itself (t = t). Transitivity: If t1 is provably equal to t2 and t2 is provably equal to t3, then t1 is provably equal to t3. Symmetry: If t1 is provably equal to t2, then t2 is provably equal to t1. Congruence: If t1 is provably equal to t2, then any two terms are provably equal which consist of some context built around t1 and t2.

Three kinds of top-level entities objects object encapsulates executable code theories theory defines properties that may or may not be satisfied by another object or theory views a view is binding of the entities declared in the theory Objects and theories are called modules

The most important OBJ unit is the Object, which encapsulates executable code. Syntactically, an object begins with the key word obj and ends with endo. The name of the object occurs immediately after obj keyword; following this comes is, and then body of the object. obj <ModID> is … endo

obj <ModID> is … endo For parameterized objects, the name is a simple identifier, such as STACK-OF-INT, PHRASE, or OBJ14. Parameterized objects have an interface specification in place of a simple name. obj <ModID> is … endo

Sorts declared with the syntax sorts <SortIDList> sorts Nat Int Rat . sort <SortID> sort Int .

Order Sorted Algebra (OSA) designed to handle cases where things of one sort are also of another sort For example, natural numbers are also integers Where operators or expressions have several different sorts Provides subsort partial ordering among sorts supports multiple inheritance

Subsort Example obj BITS1 is sorts BIT Bits . subsorts Bit < Bits . ops 0 1 : -> Bits . ops -- : Bit Bits -> Bits . endo

Equations and Semantics Denotational semantics based upon OSA Operational semantics based upon order sorted term rewriting Semantics of an object are determined by its equations Equations are written declaratively and interpreted operationally

Equations and Semantics Rewrite rules substitute instances of left side by corresponding substitution instances on the right side eq M + s N = s(M + N) . M and N are variables, + and s are operator symbols eq introduces the equation = separates the left and right side of the equation

Operational Semantics in Reduction obj LIST-OF-INT is sort List . protecting INT . subsort Int < List . op -- : Int List -> List . op length_ : List -> Int . var I : Int . var L : List . eq length I = 1; eq length(I L) = 1 + length(L) endo

term evaluation reduce [in <ModExp> :] <Term> Reduce command is executed by matching the given term with the left sides of the equations and then replacing the matched subterm with the corresponding right side. This is called application of rewrite rules

Term Evaluation The operational semantics for a conditional rewrite rule is as follows: first find a match for the left side then evaluate the condition after substituting the binding determined by the match if it evaluates to true then do the replacement by the right side, again using the values for the variables determined by the match. Evaluating the condition could require non-trivial further rewriting the cases.

reduce length(17 -4 329) . =========================================== reduce in LIST-OF-INT : length (17 (-4 329)) rewrites: 5 result NzNat: 3

reduce length(17 -4 329) . length(17 -4 329) => 1 + length(-4 329) => 1+ (1 + length 329) => 1 + 2 => 3 We call it a trace of the computation.